CrowdSec Reviews & Product Details

What I love about it is it's open source nature. By parsing logs you can block bad actors just like you would with fail2ban - but with grok patterns which are way easier to write and implement. New parsers are easily constructed and it's really easy to keep a ton of bad traffic out of your network. Review collected by and hosted on G2.com.

A bad thing about it is that you'd have to get a premium subscription in case you want more 'signals' than you share. Mostly ssh and http scenarios do although cover most of your bases. Review collected by and hosted on G2.com.

It's free and given I have two start ups in pre-seed round that is a god send. It is fantastic software that I use on all my servers. From basic ssh bouncers to more complex strategies. Review collected by and hosted on G2.com.

The UI is really nice, but things can get a bit hairy when you start deploying more complicated bouncers. It's no longer a click and deploy experience and many bouncers I use are community submitted so documentation is hit or miss. Review collected by and hosted on G2.com.

Ease of use:

One of the things that CrowdSec does great is its simplicity. Within a few minutes, I can install CrowdSec, configure it and install a bouncer to protect my servers against cyber attacks.

Flexibility:

CrowdSec is highly flexible in how it can remediate attacks. Many solutions will respond to an attack with a hard firewall block, while firewall blocks are an effective measure, it's false positive prone. CrowdSec allows you to apply the least restrictive remediation against an attack or go as aggressive as you like.

Crowdsourced Threat Intelligence:

Cyber attacks are getting increasingly sophisticated, easy to carry out and widespread, traditional methods of detecting malicious IP addresses are no longer effective. CrowdSec's solution to this is a collaboration with everybody from hobbyists and small businesses to large-scale enterprises like Google, Microsoft and Netflix. When everybody bands together, we can better understand the threat landscape and introduce strong security controls that work for everybody. Review collected by and hosted on G2.com.

Scenarios mainly focus on scanners/brute force attacks:

Many collections and scenarios only protect against brute force attacks, security scanners or bots scanning the internet. I'm not saying not to have scenarios against scanners and brute force attacks, but many of these attacks are harmless for a well-configured and up-to-date server. Review collected by and hosted on G2.com.

Relatively easy to set up on individual servers and provides excellent front-line protection for web applications, including WordPress. It also integrates with self-hosted software like AdGuard Home. Review collected by and hosted on G2.com.

I don't particularly appreciate that they hide their costs if you want more than two IP block lists. I've contacted them several times to get a price but have never heard back. The integration with OPNsense is lackluster and can be improved as there isn't much you can configure via the GUI. Review collected by and hosted on G2.com.

I've been doing Linux administration and cybersecurity for more than twenty years. I found moving from Fail2Ban to CrowdSec came with a fairly steep learning curve, in my opinion. It lacks a lot of common plugin modules and writing your own requires a lot of moving parts and a new quirky language. For example, OpenVPN is an extraordinarily popular software yet no pre built collection, configuration or bouncer exists for it. I found it was not particularly easy/quick to implement a CrowdSec policy for guarding my OpenVPN ports, unlike with Fail2Ban which can whip up a rule quite quickly and with less files.

I dont think the CrowdSec technical documentation is particularly well fleshed out nor easy to follow in comparison with other open source projects across the space. Review collected by and hosted on G2.com.

Not super user friendly to use and implement custom policies for protecting services that do not have a collection, configuration or bouncer available on the CrowdSec Hub Review collected by and hosted on G2.com.

The integration into systems is one of the best features of CrodSec. All you have to do is click "Add Instance" and follow the prompts. In most cases, it's copying a shell command to download and install the agent and bouncer to your server or device.

I also love that you can sign up for a free account to get basic coverage to hobbyist servers and devices (like me). Review collected by and hosted on G2.com.

There is nothing that I can think of initially that I dislike about CrowdSec. Review collected by and hosted on G2.com.

- Easy to use.

- Many possibilities to integrate it, defining golang bouncer scripts.

- Collaborative cyber threat intelligence. Review collected by and hosted on G2.com.

- It should offer Crowdsec Web Panel, also as self-hosted service, on the server where Crowdsec is installed.

- Missing the ability to use custom blocklists in Web Panel, with the possibility to enable only two blocklists for free users.

- A map summarizing the attacks collected and custom alert filters would be appreciated. Review collected by and hosted on G2.com.

It is easy to use and there are already many extensions for the most popular software products. Crowdsec is at home on all the latest operating systems, which makes it easy to manage. And its open source! Review collected by and hosted on G2.com.

Everything is in English, there is no German. Only the most popular products are supported directly. For special programs, you have to become active yourself to fill CrowdSec with data.

The free plan for private persons is already limited and the paid plans are too expensive. Review collected by and hosted on G2.com.

I like the fact that I can connect all of my servers to the centralized dashboard and see what is happening with them all. Review collected by and hosted on G2.com.

I find that some of our services do not have official collections and parsers and we often have to write custom solutions for them. Review collected by and hosted on G2.com.

Simple to install and configure.

Web gui shows useful stats and lookup for bad ip addresses.

Running CrowdSec will help add to the community block list Review collected by and hosted on G2.com.

The most useful blocklist like the VPN list is paywalled.

Pricing is a mystery. Review collected by and hosted on G2.com.